Define resource profiles in FACILITY class

Use RDEFINE to define resource profiles in the FACILITY class for authorizing administrators who execute TOTP panels and to authorize the user ID of the started task.

About this task

You must define two profiles in the FACILITY class:
  • To define the authorization to execute the panels for TOTP administration, define a resource profile named IRR.RFACTOR.MFADEF.AZFTOTP1 in the FACILITY class.
  • To authorize the IBM® MFA web services started task user ID, you define a resource profile named IRR.RFACTOR.USER in the FACILITY class.

Procedure

  1. Define the profile in the FACILITY class for AZFTOTP1:
    RDEF FACILITY IRR.RFACTOR.MFADEF.AZFTOTP1 OWNER(userid or group-name)
  2. Define the profile in the FACILITY class for USER:
    RDEF FACILITY IRR.RFACTOR.USER UACC(NONE)
  3. Authorize the IBM MFA web services started task user ID to the profile:
    PERMIT IRR.RFACTOR.USER ACCESS(UPDATE) CLASS(FACILITY) ID(AZFWEB)
  4. Refresh the FACILITY class:
    SETROPTS RACLIST(FACILITY) REFRESH
  5. Verify the changes. For example:
    RLIST FACILITY IRR.RFACTOR.MFADEF.AZFTOTP1
    RLIST FACILITY IRR.RFACTOR.USER